CVE-2018-9158 Information

Description

An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don’t employ a suitable mechanism to prevent a DoS attack which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack and the services are interrupted from attack start to end.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://www.slideshare.net/secret/HpAEwK5qo5U4b1

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5